package cn.smartopen.aispace.controller.merchant;


import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import cn.smartopen.aispace.service.merchant.ZeroSysService;
import cn.smartopen.aispace.status.ResponseCode;
import cn.smartopen.aispace.status.ResponseResult;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;

@RestController
public class ZeroSysController {

    @Autowired
    ZeroSysService zeroSysService;

    @Operation(summary = "服务商确认令牌", description = "服务商获取用户提交的令牌后在此验证令牌的正确性")
    @PostMapping("/zerosys/login")
    public ResponseResult<String> confirmToken(
        @Parameter(description = "服务商公钥") @RequestParam("publicKey") String publicKey,
        @Parameter(description = "用户令牌") @RequestParam("tokenStr") String tokenStr,
        @Parameter(description = "APPID") @RequestParam("appId") String appId

    ){

        // 先验证APPID 商户
        String msg = zeroSysService.validAppId(appId,publicKey);
        if(msg!="SUCCESS"){
            return new ResponseResult<String>(ResponseCode.FAILURE,msg);
        }

        // 再验证令牌 登录用户
        msg = zeroSysService.validToken(tokenStr);

        if("令牌过期".equals(msg)){
            return new ResponseResult<String>(ResponseCode.TOKEN_EXPIRED,msg);
        }else if("无令牌信息".equals(msg)){
            return new ResponseResult<String>(ResponseCode.NO_TOKEN_INFO,msg);
        }

        // 验证通过后 返回的是登录用户的公钥信息
        return new ResponseResult<String>(ResponseCode.SUCCESS,msg);
    }
    
}
